package net.unimus.core.configuration.security;

import java.lang.reflect.Field;
import java.security.NoSuchAlgorithmException;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Security;
import java.util.Map;
import javax.crypto.Cipher;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.annotation.Configuration;

@Configuration
/* loaded from: input_file:BOOT-INF/lib/core-3.24.0-STAGE.jar:net/unimus/core/configuration/security/SecurityConfiguration.class */
public class SecurityConfiguration implements InitializingBean {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) SecurityConfiguration.class);

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        Security.setProperty("crypto.policy", "unlimited");
        if (isRestrictedCryptography()) {
            log.debug("Removing cryptography restrictions");
            removeCryptographyRestrictions();
            log.trace("Successfully removed cryptography restrictions");
        } else {
            log.debug("Cryptography restrictions not in effect");
        }
        log.debug("Adding BouncyCastle security provider");
        Security.addProvider(new BouncyCastleProvider());
    }

    private static boolean isRestrictedCryptography() {
        try {
            return Cipher.getMaxAllowedKeyLength("AES/ECB/NoPadding") <= 128;
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException("Required cryptography configuration is not valid");
        }
    }

    private static void removeCryptographyRestrictions() {
        try {
            Class<?> cls = Class.forName("javax.crypto.JceSecurity");
            Class<?> cls2 = Class.forName("javax.crypto.CryptoPermissions");
            Class<?> cls3 = Class.forName("javax.crypto.CryptoAllPermission");
            Field declaredField = cls.getDeclaredField("isRestricted");
            declaredField.setAccessible(true);
            Field declaredField2 = Field.class.getDeclaredField("modifiers");
            declaredField2.setAccessible(true);
            declaredField2.setInt(declaredField, declaredField.getModifiers() & (-17));
            declaredField.set(null, false);
            Field declaredField3 = cls.getDeclaredField("defaultPolicy");
            declaredField3.setAccessible(true);
            PermissionCollection permissionCollection = (PermissionCollection) declaredField3.get(null);
            Field declaredField4 = cls2.getDeclaredField("perms");
            declaredField4.setAccessible(true);
            ((Map) declaredField4.get(permissionCollection)).clear();
            Field declaredField5 = cls3.getDeclaredField("INSTANCE");
            declaredField5.setAccessible(true);
            permissionCollection.add((Permission) declaredField5.get(null));
        } catch (Exception e) {
            log.warn("Failed to remove cryptography restrictions", (Throwable) e);
        }
    }
}
